678887294cedf20e521534ed3c88a6fd

Sharing

Copy URL

Twitter E-mail

General

Target

678887294cedf20e521534ed3c88a6fd
Size

173KB
MD5

678887294cedf20e521534ed3c88a6fd
SHA1

9261aa4ff5d75d5491c3a4159f9f1f8bdad708d7
SHA256

f584e58f83d491475e45b8878d7619eea8235e7f62fe1a4b63bcdaa304c4350e
SHA512

e559b654a2c6d8ffb8f274fbf96817cc364d652b78ce8fec584daaed41f906688d3fe127e1210b700e5b5df539f8281cbba4eef4ec97868a124f60cfe7ab1d93
SSDEEP

3072:MoFOBxLihk2TjrS/ssmeNJwPTSLE6AzBnwxN2Gg77skH2GaLg+m7ZOhIC3db:HWxLiG23wNWPGvAzehgyG2g9ZOf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678887294cedf20e521534ed3c88a6fd

Files

678887294cedf20e521534ed3c88a6fd
.exe windows:4 windows x86 arch:x86

eeaac256b9935ed1de309d50fcc13250

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
GetShortPathNameW
WideCharToMultiByte
DisableThreadLibraryCalls
GlobalSize
CreateFileA
Sleep
GetProcessId
CreateFileMappingA
MapViewOfFile
EnumResourceTypesA
SetFilePointer
CreateFileW
LocalAlloc
LocalFree
GetFileAttributesA
WriteFile
GetTickCount
ReadFile
UnmapViewOfFile
GetFileSize
CloseHandle

gdiplus

GdipFree
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCloneImage

user32

LoadCursorA
SendNotifyMessageA
SetFocus
PostMessageA
SetRect
DrawTextA
DestroyAcceleratorTable
ReleaseCapture
GetClassNameA
DefWindowProcA
CallWindowProcA
GetActiveWindow
CreateAcceleratorTableA
RegisterWindowMessageA
GetDC
PostThreadMessageA
EqualRect
GetQueueStatus
CreateWindowExA
IsChild
wsprintfA
ShowWindow
ReleaseDC
SendMessageTimeoutA
GetDesktopWindow
BeginPaint
DestroyWindow
GetWindowRect
MoveWindow
FindWindowA
SetWindowLongA
GetClientRect
GetSysColor
SendMessageA
RegisterClassExA
DispatchMessageA
SetCapture
FillRect
GetWindow
CreateDialogParamA
InvalidateRect
GetDlgItem
EndPaint
GetClassInfoExA
UnregisterClassA
PeekMessageA
wvsprintfA
SetParent
RedrawWindow
EnumDisplayDevicesA
MsgWaitForMultipleObjects
SetTimer
GetWindowTextA
IsWindow
GetFocus
GetWindowLongA
CharNextA
CopyRect
SetWindowTextA
KillTimer
GetWindowTextLengthA
GetParent
InvalidateRgn
SetWindowPos

ole32

CoCreateInstance
StgIsStorageFile
CoGetClassObject
CoTaskMemRealloc
CoInitializeSecurity
GetRunningObjectTable
StringFromGUID2
CoSetProxyBlanket
BindMoniker
CoTaskMemAlloc
StgOpenStorage
CreateItemMoniker
OleInitialize
StgCreateDocfile
OleLockRunning
OleUninitialize
CLSIDFromProgID
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CreateBindCtx
CLSIDFromString

advapi32

RegOpenKeyExA
CryptHashData
RegQueryInfoKeyA
CryptDestroyHash
CryptDestroyKey
RegSetValueExA
RegDeleteValueA
CryptEncrypt
RegCloseKey
CryptImportKey
CryptReleaseContext
RegEnumValueA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

gdi32

GetDeviceCaps
CreateFontA
GetStockObject
GetDIBits
RealizePalette
CreateCompatibleDC
CreateDIBitmap
ExtEscape
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
StretchDIBits
SelectObject
DeleteObject
SelectPalette
GetObjectA
SetStretchBltMode
SetBkMode

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

winmm

timeGetTime
timeSetEvent

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeaac256b9935ed1de309d50fcc13250

Headers

File Characteristics

Imports

kernel32

gdiplus

user32

ole32

advapi32

shlwapi

gdi32

wininet

shell32

setupapi

winmm

version

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 92KB